Latest (all topics)
Top stories
Hardware
All-in-One printer
Apple Mac
Audio
Backup
Book
Broadband
Camcorder
CD drive
Desktop PC
Digital camera
DVD drive
Gaming
Graphics card
Hard disk
Input device
Laptop
LCD
Mobile phone
Modem
Monitor
Motherboard
Multimedia
Networking
PDA
Printer
Processor
Projector
Scanner
Server
Tuning
UPS
Video
Web camera
Whiteboard
Miscellaneous
Software
Apple Mac
Audio
Backup
Business
Developer
Educational
Game
Graphics
Internet
Linux
Networking
Operating System
PDA
Security
Server
Utilities
Miscellaneous
 
Panda Software's Weekly Report on Viruses and Intruders

PandaLabs offers, as it does every week, a report on the most significant threats in the current malware panorama. This week's report includes two new codes that, although they have different functions and characteristics, share the same aim: steal user data. What's more, PandaLabs warns of the concern that a false virus could cause.

A clear example of the new cyber-crime tendency is the Goldun.IL Trojan, which is a password stealer that tries to capture the e-gold payment details of the affected user. To do this, it goes memory resident on computers without carry out any actions until it detects that the user has accessed the e-gold web page. When this happens, it captures the passwords typed and sends them to another computer. The author of this code can collect the details from this computer and carry out operations with the user's account.

Goldun.IL has been spread through spamming techniques. It has been mass-mailed in a file attached to an email message. The message carrying the malicious file containing Goldun.IL encourages the user to install a Service Pack that supposedly blocks Trojans that try to steal e-gold details.

This week's PandaLabs report also refers to another Trojan called HarBag.A, whose basic mission is to collect email address to which to send the Bagle worm. To do this, it looks for 28 types of files and scans them for email addresses. These file types are files that usually contain email addresses, such as the Windows Address Book, database, temporary Internet files, etc.

After collecting the addresses, it sends them to a server where all the information is centralized. A curious feature of HarBag.A is that it only runs once on each computer, so that the hacker that receives the email addresses collected does not receive the same addresses twice.

Finally, PandaLabs includes information about a false virus for blogs that is starting to generate confusion in the blogosphere. This is simply a joke created by a Dutch author which suggests inserting an animated graphic in blogs. The graphic is a picture of a virus that makes a series of comments, such as how it intends to infect blogs around the world.

PandaLabs reminds users that even though this 'virus' poses no threat, there is a possibility that by exploiting the impact of this joke on many blogs, the same technique might be used to spread genuinely damaging malicious code. To avoid such possible problems, PandaLabs advises users not to insert references to third-party code on personal web pages, even if they are simply jokes. For those who want to insert items from other sites, it is important to ensure that no calls are made to remote servers and that the content is hosted on the author's server.

If blog readers and users suspect the existence of malicious code on a web page that could have infected their computer, Panda Software offers ActiveScan (http://www.activescan.com), a free online tool for detecting and eliminating any malicious code. ActiveScan includes TruPrevent(tm) Technologies, and can therefore even detect unknown malicious code.

For further information about these and other computer threats, visit Panda Software's Encyclopedia




BIOS, Apr 21, 06 | Print | Send | Comments (0) | Posted In Security
Related Articles

Defending In Depth
Cyber Security & Other Games
Second Life, Second Identity?
Don't Choke In The Name Of Security
A Baker's Dozen Of Security Bytes
Patching Up Security
Webroot Software Spy Sweeper 5.3
PC Tools Spyware Doctor 4.0
How Cybercrime Operations Work
ZoneLabs ZoneAlarm Internet Security Suite 7

More...
   
     
© 2007 Black Letter Publishing Ltd. - Disclaimer - Terms - About - Contact - Advertise - Newsletter

Hosted By Gradwell - Powered By Eclipse Internet - Sponsored By Ipswitch & Microboards DVD Duplicators